I want to be able to send an authenticated requests via http header when I'm in localhost, but I can't do that before adding this:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.)
RewriteRule . - [e=HTTP_AUTHORIZATION:%1]
to my .htaccess file, but I can't find the file. I have enable to see alle hidden files, but none of them is .htaccess. Hope you guys can help - Thank you.
PS I'm using this guide which tell me what to do to make send a http header reqeust when on localhost: https://github.com/tymondesigns/jwt-auth/wiki/Authentication
A .htaccess file won't be created by Apache automatically. You have to create it yourself (or use the regular configuration files, which would be slightly more efficient is the method recommended by the Apache documentation).
Related
I use WHM for hosting which allows me to make many cpanel accounts. Every time I make a cpanel account it has a new .htaccess file inside public_html with the same code inside
I want to be able to change this code to mine but not on one cpanel but rather on all. so every new cPanel has my edited code automatically when made rather then editing it manually.
I cant seem to find the default .htaccess on my server. How can I go about doing this?
I use litespeed also.
tried to find the .htaccess config on server and inside whm
I think there is such thing as a "global htaccess"
for WHM/cPanel, the closest thing you can do is Include that can affect all vhost
not sure what you want to do with htaccess, but I assume it should also work in Apache conf file
e.g.
/etc/apache2/conf.d/userdata/ssl/2_4/deny.conf
/etc/apache2/conf.d/userdata/std/2_4/deny.conf
put content like
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_URI} xmlrpc.php
RewriteRule .* - [F,L]
</IfModule>
restart Apache/LSWS, then this will make all vhost's /xmlrpc.php end up in 403 error.
ref: https://docs.cpanel.net/ea4/apache/modify-apache-virtual-hosts-with-include-files/
I've spent all day looking for a solution on how to make files inaccessible directly, but still accessible to scripts.
All answers I've found lead me in round about loops.
This may be useful to someone.
If anyone has a better solution,
Please Post.
Here is the one I have found.
How to make files only accessible to scripts ( Including Client Side Scripts? ) / Innacessable Directly (IE: Through URL)?
Turn on mod_rewrite
in .htaccess file:
RewriteEngine on
RewriteCond %{HTTP_REFERER} !http://*************
RewriteCond %{HTTP_REFERER} !http://*************
RewriteRule ^ - [L,F]
Type in your domain in the ******
Use Https if needed.
If by "direct" you mean file access from a browser, then you can require that an HTTP client presents a custom header, e.g. X-Access: authorized_script so it can't be easily sent from a browser.
This answer discusses how it's done with Apache.
I'm developing a webapp and for the static files I'm simply using apache at localhost while the backend is on a couchdb instance running at localhost:5984.
The webapp interacts with files from the backend all the time. So what is happening when trying to test on apache all file requests to localhost:5984 are getting blocked due the cross-domain policy so the only way to get that working is starting the browser by setting flags to ignore that.
But again I get stuck when trying to test the app on mobile such ipad or iphone.
Currently I have this on my .htaccess file.
RewriteEngine on
# these are 302 http redirections instead of serving as a proxy
RewriteRule auth http://localhost:5984/auth [L]
RewriteRule db/([\s\S]+) http://localhost:5984/db/$1 [L]
RewriteRule send/([\s\S]+) http://localhost:5984/send/$1 [L]
# these are just redirections to static files and work great
RewriteRule ^([a-z/.]+) _attachments/$1 [L]
RewriteRule ^$ _attachments/ [L]
As you can see I have really no idea on how to deal with apache configuration unfortunately.
But what is happening right now is that for some of these rules apache is simply redirecting the page instead of provide it as a proxy server which causes the issue with cross-domain.
Also on the first auth rule I send POST and DELETE requests which as a redirection instead of proxy it won't pass the data being POSTed through.
So what I would like to achieve is to activate some kind of feature (if it exists) which will make apache simply render the page as it was on the localhost domain instead of redirect it. (I named this a a proxy, but perhaps that's not even the right term, sorry for any mistake committed with the nomenclatures).
Is is possible to achieve such action?
Thanks in advance
Have a look at these links / options:
[P] flag:
http://httpd.apache.org/docs/current/rewrite/flags.html#flag_p
http://httpd.apache.org/docs/current/rewrite/proxy.html
mod_proxy (possibly -- but I think #1 should be enough if it's on the same server):
http://httpd.apache.org/docs/current/mod/mod_proxy.htm
I am attempting to redirect & rewrite some dynamic PHP URL's to pretty and SEO friendly URLs. I have manged to do this successfully through .htaccess with the following code:
RewriteCond %{QUERY_STRING} ^somevar=green&nodescription=([a-zA-Z0-9_-]*)$
RewriteRule (.*) /green\/%1\/? [L,R=301]
RewriteRule ^green/([^/]*)/$ /script.php?somevar=green&nodescription=$1&rewrite=on [L]
This creates a somewhat pretty URL as follows:
http://www.mysite.com/green/aA43-/
As I say, this works absolutley fine. Apart from one thing. The parameter nodescription contains a non-descriptive random set of letters, numbers and other characters.
I would like to rewrite the nodescription parameter to a more descriptive one. I understand that I can do this with a rewritemap through Apache. However, I have no experience at doing soemthing like this, and I'm not entirely sure where to start.
Normally I would simply alter script.php so that it contains more descriptive parameters, but this time I have no control over the script; I am pulling it from another site using cURL.
Can anybody give me an example of how to pull this off?
Thanks!
Matt
Well, to answer my own question, to pull this off you need access httpd.conf file on your apache server. My shared hosting company didn't allow access to this file (I doubt any would allow you access).
So I bit the bullet and purchased a VPS. I will post the steps I took here in order to set the rewritemap up in the hope that it will help a lost soul :) Ok, here goes...
My VPS has WHM installed, so in WHM I went to:
Server Configuration >> Apache Configuration >> Include Editor
Pre Virtual Host Include >> All Versions
This feature takes any text you put in and includes it in your httpd.conf file without worrying that it will be overwritten at a later stage. If you don't have WHM on your server then you can add the text directly to your httpd.conf file; make sure it is outside and before any virtual hosts.
OK, so I included the following map declaration and rewrite rule:
#Map to redirect (swaps key and value)
RewriteMap rwmap txt:/home/*/public_html/rdmap.txt
<Directory /home/*/public_html/test>
Options All -Indexes
RewriteEngine on
RewriteRule ^url/([^/]*)/$ /script.php?foo=${rwmap:$1|$1}&rewrite=on [L]
</Directory>
The actual map is a simple text file containing key/value pairs - you need to place this file in the directory declared in RewriteMap rwmap txt:/home/*/public_html/rdmap.txt.
And there you go. Apache now rewrites my URLs for me and I now have some nice and pretty SEO optimized links thanks to my rewrite map! Hoorah!
RewriteEngine on
RewriteRule ^green/([^/]*)/(.*)$ /script.php?somevar=green&nodescription=$1&rewrite=on [L]
This rewrite will allow you to pass "arbitrary text" that has nothing to do with the rewrite. For example:
http://www.mysite.com/green/aA43-/some-seo-boosting-title
Will still reroute correctly to script.php; the latter part will simply be ignored by the rewrite.
I am a newbie to ubuntu and apache. Can someone tell me how I could direct to
www.mysite.com/drupal6
when user address www.mysite.com?
Thanks a lot.
Cheers.
If you are running Apache and Ubuntu, there is actually a really easy way to force this redirect using a simple php script.
Create an index.php file in the root of your server and paste the following code into it
<?php header("location: drupal6/") ?>
This will cause the site to auto-redirect to the drupal6 folder whenever it is visited.
This should work. Create a file in the root folder of your server called .htaccess - the dot at the beginning is very important as this helps the server identify the file as a hidden / system config file.
Open the file and paste the following lines of code in :
Options +FollowSymlinks
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ www.mysite.com/drupal6/$1 [R,L]
This should force all traffic to the server to redirect to your custom folder.
A brief explanation of the .htaccess code
If you want rewrites to work, you have to enable the Rewrite Engine and tell the server to follow symlinks.
The second section establishes the rule - specifically applying it to all traffic on the standard web port of 80.
The final line tells the server to grab everything after the URL and append it to the new address (mysite.com/drupal6).
There's a lot more you can do with .htaccess files but you really need to Google for good examples to test out.
Look at Apache's mod_rewrite documentation. You will need a RewriteRule in your apache configuration at the minimum, you may also need RewriteCond's to define when the RewriteRule is used.
Your rewrite pattern will be rewriting the REQUEST_URI with something from: ^/$ to: /drupal6. The ^ and $ are essential to prevent Apache getting into an infinite loop while rewriting the base URI by only matching "/" and not "/anything-else".
I assume you're on a recent version of Ubuntu and Apache? If so, see the Apache 2.2 documentation on mod_rewrite.